README.md in Chinese 中文

Scanners Box is a collection of open source scanners which are from the github platform, including subdomain enumeration, database vulnerability scanners, weak passwords or information leak scanners, port scanners, fingerprint scanners, and other large scale scanners, modular scanner etc.For other Well-known scanning tools, such as: nmap, w3af will not be included in the scope of collection.

Welcome everyone to contribute!

• https://github.com/lijiejie/subDomainsBrute (Classical Subdomain Enumeration Tool)
• https://github.com/ring04h/wydomain (Intergrated Subdomain Enumeration Tool via Massive Dictionary Rules)
• https://github.com/le4f/dnsmaper (Subdomain Enumeration tool with map record)
• https://github.com/0xbug/orangescan (Online Subdomain Enumeration Tool)
• https://github.com/TheRook/subbrute (A DNS meta-query spider that enumerates DNS records, and subdomains.)
• https://github.com/We5ter/GSDF (Subdomain Enumeration via Google Certificate Transparency）
• https://github.com/mandatoryprogrammer/cloudflare_enum (Subdomain Enumeration via CloudFlare）
• https://github.com/guelfoweb/knock (Knock Subdomain Scan)
• https://github.com/Evi1CLAY/CoolPool/tree/master/Python/DomainSeeker (An Intergratd Python Subdomain Enumeration Tool)
• https://github.com/code-scan/BroDomain (Find brother domain)
• https://github.com/chuhades/dnsbrute (a fast domain brute tool)
• https://github.com/yanxiu0614/subdomain3 (A simple and fast tool for bruting subdomains)
• https://github.com/michenriksen/aquatone (A powerful subdomain tool)
• https://github.com/evilsocket/dnssearch (A subdomain enumeration tool)
• https://github.com/OrOneEqualsOne/reconned (Subdomain enumeration tools for bug hunting)
• https://github.com/bit4woo/Teemo （A Domain Name & Email Address Collection Tool）
• https://github.com/laramies/theHarvester （E-mail, subdomain and people names harvester ）
• https://github.com/swisskyrepo/Subdomino (An application that enumerates subdomains, and scan them with several rules)

• https://github.com/0xbug/SQLiScanner (A SQLi Vulnerability Scanner via SQLMAP and Charles)
• https://github.com/stamparm/DSSS (A SQLi Vulnerability Scanner with 99 lines of code)
• https://github.com/LoRexxar/Feigong (A SQLi Vulnerability Scanner for MySQL)
• https://github.com/youngyangyang04/NoSQLAttack (A SQLi Vulnerability Scanner for mongoDB)
• https://github.com/Neohapsis/bbqsql (A Blind SQLi Vulnerability Scanner)
• https://github.com/NetSPI/PowerUpSQL (A SQLi Vulnerability Scanner with Powershell Script)
• https://github.com/WhitewidowScanner/whitewidow (Another SQL Vulnerability Scanner)
• https://github.com/stampery/mongoaudit (A powerful MongoDB auditing and pentesting tool)
• https://github.com/torque59/Nosql-Exploitation-Framework (A Python Framework For NoSQL Scanning and Exploitation)
• https://github.com/missDronio/blindy (Simple script to automate brutforcing blind sql injection vulnerabilities)

• https://github.com/lijiejie/htpwdScan (A python HTTP weak pass scanner)
• https://github.com/lijiejie/BBScan (A tiny Batch weB vulnerability Scanner)
• https://github.com/lijiejie/GitHack (A .git folder disclosure exploit)
• https://github.com/wilson9x1/fenghuangscanner_v3 (ports&weak password scanner)
• https://github.com/ysrc/F-Scrack (single file bruteforcer supports multi-protocol)
• https://github.com/Mebus/cupp (Common User Passwords Profiler)
• https://github.com/RicterZ/genpAss (Weak password generator)
• https://github.com/netxfly/crack_ssh (Ssh\redis\mongodb weak password bruteforcer)
• https://github.com/n0tr00t/Sreg (Social information collector)
• https://github.com/repoog/GitPrey (Searching sensitive files and contents in GitHub)
• https://github.com/dxa4481/truffleHog (Searches high entropy strings through git repositories)
• https://github.com/LandGrey/pydictor (A useful hacker dictionary builder for a brute-force attack)
• https://github.com/fnk0c/cangibrina (A fast and powerfull dashboard (admin) finder)
• https://github.com/shengqi158/svnhack (A .svn folder disclosure exploit)
• https://github.com/shengqi158/weak_password_detect (A python HTTP weak password scanner)

• https://github.com/rapid7/IoTSeeker (Weak-password IoT Devices Scanner)
• https://github.com/shodan-labs/iotdb (IoT Devices Scanner via nmap)
• https://github.com/googleinurl/RouterHunterBR (Testing vulnerabilities in devices and routers connected to the Internet)
• https://github.com/scu-igroup/telnet-scanner (weak telnet password scanner based on password enumeration)

• https://github.com/shawarkhanethicalhacker/BruteXSS (Cross-Site Scripting Bruteforcer)
• https://github.com/1N3/XSSTracer (A small python script to check for Cross-Site Tracing)
• https://github.com/0x584A/fuzzXssPHP (A very simple reflected XSS scanner supports GET/POST)
• https://github.com/chuhades/xss_scan (Reflected XSS scanner)
• https://github.com/BlackHole1/autoFindXssAndCsrf (A plugin for browser that checks automatically whether a page haves XSS and CSRF vulnerabilities)
• https://github.com/shogunlab/shuriken （XSS command line tool for testing lists of XSS payloads on web apps）
• https://github.com/UltimateHackers/XSStrike (fuzz and bruteforce parameters for XSS,WAFs detect and bypass)
• https://github.com/stamparm/DSXS （A fully functional Cross-site scripting vulnerability scanner,supporting GET and POST parameters,and written in under 100 lines of code）

• https://github.com/ysrc/xunfeng （Vulnerability rapid response,scanning system for Intranet)
• https://github.com/laramies/theHarvester (E-mail, subdomain and people names harvester)
• https://github.com/x0day/Multisearch-v2 (Enterprise assets collector based on search engine)

• https://github.com/We5ter/Scanners-Box/tree/master/webshell/ (PHP Webshell Decetor and webshell sample library)
• https://github.com/ym2011/ScanBackdoor (Webshell Decetor)
• https://github.com/yassineaddi/BackdoorMan (A toolkit find malicious, hidden and suspicious PHP scripts and shells in a chosen destination)
• https://github.com/he1m4n6a/findWebshell (Webshell Decetor)
• https://github.com/Tencent/HaboMalHunter (Used for automated malware analysis and security assessment on the Linux system)
• https://github.com/PlagueScanner/PlagueScanner (Open source multiple AV scanner framework)
• https://github.com/nbs-system/php-malware-finder (An awesome tool to detect potentially malicious PHP files)
• https://github.com/emposha/PHP-Shell-Detector/ （Helps you find and identify php/cgi(perl)/asp/aspx shells)

• https://github.com/0xwindows/VulScritp (Intranet penetration test scripts)
• https://github.com/lcatro/network_backdoor_scanner (An internal network scanner like meterpreter)
• https://github.com/fdiskyou/hunter (User hunter using WinAPI calls only)
• https://github.com/BlackHole1/WebRtcXSS (Use XSS automation Invade intranet)

• https://github.com/ring04h/wyportmap (Target port scanning + system service fingerprint recognition)
• https://github.com/ring04h/weakfilescan (Dynamic multi - thread sensitive information leak detection tool)
• https://github.com/EnableSecurity/wafw00f (Identify and fingerprint Web Application Firewall)
• https://github.com/rbsec/sslscan (Tests SSL/TLS enabled services to discover supported cipher suites)
• https://github.com/urbanadventurer/whatweb (Website Fingerprinter)
• https://github.com/tanjiti/FingerPrint (Another Website Fingerprinter)
• https://github.com/nanshihui/Scan-T (A new spider based on python with more function including Network fingerprint search)
• https://github.com/OffensivePython/Nscan (Fast internet-wide scanner)
• https://github.com/ywolf/F-NAScan (Scanning a network asset information script)
• https://github.com/ywolf/F-MiddlewareScan (A vulnerability detection scripts for middleware services)
• https://github.com/maurosoria/dirsearch (Web path scanner)
• https://github.com/x0day/bannerscan (C-segment Banner with path scanner)
• https://github.com/RASSec/RASscan (Internal network port speed scanners)
• https://github.com/3xp10it/bypass_waf (Automatic WAF Bypass Fuzzing Tool)
• https://github.com/3xp10it/xcdn (Try to find out the actual ip behind cdn)
• https://github.com/Xyntax/BingC (Based on the Bing search engine C / side-stop query, multi-threaded, support API)
• https://github.com/Xyntax/DirBrute (Multi-thread WEB directory enumerating tool)
• https://github.com/zer0h/httpscan (A HTTP Service detector with a crawler from IP/CIDR)
• https://github.com/lietdai/doom (Distributed task distribution of the ip port vulnerability scanner based on thorn)
• https://github.com/chichou/grab.js (Fast TCP banner grabbing like zgrab, but supports much more protocol)
• https://github.com/Nitr4x/whichCDN (Detect if a given website is protected by a Content Delivery Network)
• https://github.com/secfree/bcrpscan (Base on crawler result web path scanner)
• https://github.com/mozilla/ssh_scan (A prototype SSH configuration and policy scanner)
• https://github.com/18F/domain-scan (Scans domains for data on their HTTPS configuration and assorted other things)
• https://github.com/ggusoft/inforfinder (A tool made to collect information of any domain pointing at a server and fingerprinter)
• https://github.com/boy-hack/gwhatweb (Fingerprinter for CMS)
• https://github.com/Mosuan/FileScan (Sensitive files scanner)
• https://github.com/Xyntax/FileSensor （Dynamic file detection tool based on crawler）
• https://github.com/deibit/cansina (Web Content Discovery Tool)
• https://github.com/0xbug/Howl (Network equipment, web services, fingerprint scanner and database)

• https://github.com/blackye/Jenkins (Jenkins vulnerability detection, user grab enumerating)
• https://github.com/code-scan/dzscan (discuz scanner)
• https://github.com/chuhades/CMS-Exploit-Framework (CMS Exploit Framework)
• https://github.com/lijiejie/IIS_shortname_Scanner (An IIS shortname Scanner)
• https://github.com/riusksk/FlashScanner (Flash XSS Scanner)
• https://github.com/coffeehb/SSTIF (Server Side Template Injection Tool)
• https://github.com/epinna/tplmap （Automatic Server-Side Template Injection Detection and Exploitation Tool）
• https://github.com/cr0hn/dockerscan (Docker security analysis & hacking tools)
• https://github.com/m4ll0k/WPSeku (Simple Wordpress Security Scanner)
• https://github.com/rastating/wordpress-exploit-framework (Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems)
• https://github.com/ilmila/J2EEScan (A plugin for Burp Suite Proxy to improve the test coverage during web application penetration tests on J2EE applications)
• https://github.com/riusksk/StrutScan (Struts2 Vuls Scanner base perl script)
• https://github.com/D35m0nd142/LFISuite (Totally Automatic LFI Exploiterand Scanner supports Reverse Shell)
• https://github.com/0x4D31/salt-scanner （Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration）
• https://github.com/tijme/angularjs-csti-scanner (Automated client-side template injection detection for AngularJS)
• https://github.com/irsdl/IIS-ShortName-Scanner (latest version of scanners for IIS short filename 8.3 disclosure vulnerability)
• https://github.com/swisskyrepo/Wordpresscan (WPScan rewritten in Python + some WPSeku ideas)

• https://github.com/savio-code/fern-wifi-cracker/ (Testing and discovering flaws in ones own network)
• https://github.com/m4n3dw0lf/PytheM (Multi-purpose network pentest framework)
• https://github.com/P0cL4bs/WiFi-Pumpkin (Framework for Rogue Wi-Fi Access Point Attack)
• https://github.com/MisterBianco/BoopSuite (A Suite of Tools written in Python for wireless auditing and security testing)
• https://github.com/DanMcInerney/LANs.py (Automatically find the most active WLAN users,Inject code, jam wifi, and spy on wifi users)

• https://github.com/sowish/LNScan (Local Network Scanner based on BBScan via.lijiejie)
• https://github.com/niloofarkheirkhah/nili （Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing）
• https://github.com/SkyLined/LocalNetworkScanner (PoC Javascript that scans your local network when you open a webpage)

• https://github.com/wufeifei/cobra （A static code analysis system that automates the detecting vulnerabilities and security issue）
• https://github.com/OneSourceCat/phpvulhunter （A tool that can scan php vulnerabilities automatically using static analysis methods）
• https://github.com/Qihoo360/phptrace （A tracing and troubleshooting tool for PHP scripts）
• https://github.com/ajinabraham/NodeJsScan (A static security code scanner for Node.js applications)
• https://github.com/shengqi158/pyvulhunter (A static security code scanner for python applications)
• https://github.com/presidentbeef/brakeman (A static analysis security vulnerability scanner for Ruby on Rails applications)

• https://github.com/infobyte/faraday (Collaborative Penetration Test and Vulnerability Management Platform)
• https://github.com/az0ne/AZScanner （Automatic all-around scanner）
• https://github.com/blackye/lalascan (Distributed web vulnerability scanning framework)
• https://github.com/blackye/BkScanner (Distributed, plug-in web vulnerability scanner)
• https://github.com/ysrc/GourdScanV2 (Passive Vulnerability Scanning System)
• https://github.com/alpha1e0/pentestdb (WEB penetration test database)
• https://github.com/netxfly/passive_scan (Realization of Web Vulnerability Scanner Based on http Proxy)
• https://github.com/1N3/Sn1per (Automated Pentest Recon Scanner)
• https://github.com/RASSec/pentestEr_Fully-automatic-scanner (Directional Fully Automated Penetration Testing)
• https://github.com/3xp10it/3xp10it （A automated Penetration Testing Framework)
• https://github.com/Lcys/lcyscan （A vuls scanner，plugins supported)
• https://github.com/Xyntax/POC-T （Penetration Test Plug-in Concurrency Framework）
• https://github.com/v3n0m-Scanner/V3n0M-Scanner (Scanner in Python3.5 for SQLi/XSS/LFI/RFI and other Vulns)
• https://github.com/Skycrab/leakScan (Multiple vuls scan supports Web interface）
• https://github.com/zhangzhenfeng/AnyScan (A automated Penetration Testing Framework)
• https://github.com/brianwrf/NagaScan (Another distributed passive scanner for Web application)
• https://github.com/Tuhinshubhra/RED_HAWK (An All In One Tool For Information Gathering, SQL Vulnerability Scanning and Crawling. Coded In PHP)
• https://github.com/Arachni/arachni (Web Application Security Scanner Framework)
• https://github.com/boy-hack/w8scan (A scanner that similar to bugscan)
• https://github.com/scipag/vulscan (https://github.com/scipag/vulscan)
• https://github.com/juansacco/exploitpack (Exploit Pack - Penetration testing framework GPLv3)
• https://github.com/swisskyrepo/DamnWebScanner (Another web vulnerabilities scanner, this extension works on Chrome and Opera)
• https://github.com/anilbaranyelken/tulpar （Web Vulnerability Scanner written in python,supported multiple web vulnerabilities scan）

• https://github.com/Neo23x0/Loki (Simple IOC and Incident Response Scanner)

• https://github.com/w3h/icsmaster/tree/master/nse (Digital Bond's ICS Enumeration Tools)

The purpose of this collection is to provide various types of opensource security scanning tool that can help Internet companies to be more safer.

Wester(Twitter @Hi_Wester) & Martin(Twitter @Martin ZHOU)

Do not use for illegal purposes.

Please specify reproduced from https://github.com/We5ter/Scanners-Box

• @0c0c0f
• @藏形匿影(wacai.com)
• Mottoin team
• @BlackHole
• @CodeColorist
• @3xp10it
• @re4lity
• @UltimateHackers
• @boy-hack
• @marsII

©Sixtant Security Lab 2016-2017